Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/YQBFYB0MYwrVqZbuM7UQcqbC024.roa
File: YQBFYB0MYwrVqZbuM7UQcqbC024.roa (raw, json)
Hash identifier: wyZtqH/kTGiAK4e2xHLNhEXkV/FU12e6HKB8OJ8RKis=
Subject key identifier: 61:00:45:60:1D:0C:63:0A:D5:A9:96:EE:33:B5:10:72:A6:C2:D3:6E
Certificate issuer: /CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Certificate serial: 0194282154E7140990767261E5C345EA725D
Authority key identifier: 3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/YQBFYB0MYwrVqZbuM7UQcqbC024.roa
Signing time: Thu 02 Jan 2025 17:47:40 +0000
ROA not before: Thu 02 Jan 2025 17:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60236
IP address blocks: 2a0f:2a00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:21:54:e7:14:09:90:76:72:61:e5:c3:45:ea:72:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Validity
Not Before: Jan 2 17:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=610045601d0c630ad5a996ee33b51072a6c2d36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c9:bd:5c:90:93:21:2b:3a:a2:30:9a:69:03:
da:9e:ea:fa:5b:8e:e2:78:73:f2:df:30:99:fb:b2:
f6:e9:63:21:ca:0c:29:91:fb:51:49:16:00:be:e6:
ab:56:87:e2:e1:f0:0b:da:95:85:85:db:6d:df:12:
ae:3d:15:58:45:ef:0c:d0:06:2a:52:fe:a2:d9:1e:
19:2b:cc:de:a2:b0:62:f9:f8:7a:07:e4:88:17:4d:
eb:31:4d:97:39:54:89:bf:da:3b:f9:04:b4:27:8c:
23:9a:31:bc:d4:4f:4b:fc:8a:35:72:00:e1:d9:49:
cd:3f:3a:76:e8:3a:ef:c7:21:f4:f5:8c:2f:26:58:
47:ec:f9:a2:06:a0:ef:b0:d9:f9:c9:a4:9d:2a:c4:
1a:21:43:4e:ec:7e:bf:b8:3f:1b:23:fd:99:8b:03:
cf:f3:6f:2f:14:6d:f6:21:29:d9:e9:e9:9a:f9:53:
1c:d4:ad:69:f1:1b:40:ba:76:bc:6a:a8:ec:4b:67:
f8:02:38:7d:46:83:f8:90:61:d6:ae:96:16:96:72:
ed:ef:3a:0a:67:b8:14:83:86:e2:ac:76:13:1a:90:
d8:dc:b3:89:0b:a0:d2:01:ea:89:23:f5:8e:8b:63:
b2:63:f1:dd:15:a6:13:b7:55:1e:0c:39:69:0d:9c:
f9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:00:45:60:1D:0C:63:0A:D5:A9:96:EE:33:B5:10:72:A6:C2:D3:6E
X509v3 Authority Key Identifier:
keyid:3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/YQBFYB0MYwrVqZbuM7UQcqbC024.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
5d:e4:13:78:12:b0:93:60:37:5a:43:05:7f:27:bd:aa:69:63:
de:fb:e6:e3:ed:1c:c7:27:74:93:83:4c:25:b2:b9:b3:7e:b2:
d4:e3:55:37:37:b5:a2:6f:fa:4d:2b:62:36:83:4d:a5:1b:ac:
24:c8:ca:18:db:35:c3:ee:67:cf:77:e7:17:21:2d:81:5d:69:
74:d8:fc:c4:19:7d:5a:8c:2a:4e:0c:88:82:7d:1c:df:99:11:
f6:5b:26:a4:94:dd:de:c1:56:04:23:92:49:b1:9f:8d:12:cb:
fd:a6:31:0e:e8:78:19:8f:35:28:1a:0e:eb:4e:24:f4:c6:f8:
2c:3d:9a:cf:14:7d:b9:6c:86:0c:d4:84:2e:63:7a:07:cc:28:
ce:75:ee:bd:73:e7:00:69:c1:5f:c6:ef:0f:55:ac:3c:12:c9:
b3:f0:79:86:43:a9:07:3b:b9:a7:02:02:ac:19:b4:16:6a:8d:
b8:09:32:66:aa:d2:57:98:98:77:57:79:1d:59:a9:82:50:22:
49:98:b7:52:ad:40:0b:55:d3:85:15:1a:7b:bb:e3:6f:de:8c:
fc:3b:8a:bc:5e:b4:1e:c6:46:84:40:17:77:5b:f2:71:01:cd:
da:08:c4:ab:38:9e:f1:b8:70:88:e8:3b:b3:6b:d1:9b:ba:c9:
34:f0:4f:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoIVTnFAmQdnJh5cNF6nJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMmI0ZmNlYTRiNzIyZjJhNmY2YzcwNWM1NTg5ZWUxYWJj
NjIwYWUwHhcNMjUwMTAyMTc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTAwNDU2MDFkMGM2MzBhZDVhOTk2ZWUzM2I1MTA3MmE2YzJkMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcm9XJCTISs6ojCaaQPanur6W47i
eHPy3zCZ+7L26WMhygwpkftRSRYAvuarVofi4fAL2pWFhdtt3xKuPRVYRe8M0AYq
Uv6i2R4ZK8zeorBi+fh6B+SIF03rMU2XOVSJv9o7+QS0J4wjmjG81E9L/Io1cgDh
2UnNPzp26DrvxyH09YwvJlhH7PmiBqDvsNn5yaSdKsQaIUNO7H6/uD8bI/2ZiwPP
828vFG32ISnZ6ema+VMc1K1p8RtAuna8aqjsS2f4Ajh9RoP4kGHWrpYWlnLt7zoK
Z7gUg4birHYTGpDY3LOJC6DSAeqJI/WOi2OyY/HdFaYTt1UeDDlpDZz5IwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGEARWAdDGMK1amW7jO1EHKmwtNuMB8GA1UdIwQY
MBaAFD8rT86ktyLypvbHBcVYnuGrxiCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3Mjkt
NjI1M2FkMDhmODU4LzEvWVFCRllCME1Zd3JWcVpidU03VVFjcWJDMDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3MjktNjI1M2FkMDhmODU4
LzEvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8qAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBd5BN4ErCTYDdaQwV/J72qaWPe++bj7RzHJ3ST
g0wlsrmzfrLU41U3N7Wib/pNK2I2g02lG6wkyMoY2zXD7mfPd+cXIS2BXWl02PzE
GX1ajCpODIiCfRzfmRH2WyaklN3ewVYEI5JJsZ+NEsv9pjEO6HgZjzUoGg7rTiT0
xvgsPZrPFH25bIYM1IQuY3oHzCjOde69c+cAacFfxu8PVaw8Esmz8HmGQ6kHO7mn
AgKsGbQWao24CTJmqtJXmJh3V3kdWamCUCJJmLdSrUALVdOFFRp7u+Nv3oz8O4q8
XrQexkaEQBd3W/JxAc3aCMSrOJ7xuHCI6Duza9Gbusk08E/b
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:44:08 2025 by rpki-client